Certified Information Systems Security Professional (CISSP®) - Self-paced

Length 180 days access
Price NZD 1380 exc GST

Course overview

Book now

Course locations >>

Why study this course

Official ISC2 Online Self-paced Training gives you the freedom to learn anytime, anywhere. Updated course content aligns with the recently refreshed Certified Information Systems Security Professional (CISSP®) exam outline and features enhanced videos, audio presentations, interactive exercises and assessments. As you work through the course, you can email authorised instructors regarding any content-related questions.

This CISSP Self-paced Training helps candidates prepare for the rigorous CISSP certification exam anytime, anywhere without sacrificing quality for convenience. Training provides in-depth review of information security concepts and industry best practices, with comprehensive coverage of the eight domains of the CISSP CBK® (Common Body of Knowledge. All learning activities are designed to increase abilities and acumen required to successfully implement and manage security programs in any organisation or government entity.

CISSP Self-paced training includes:

180-day access to official course content
- 15+ hours of pre-recorded videos and narrated power points
- 71 real-world learning activities and 9 applied scenarios
- 9 end-of-chapter quizzes with answer feedback
- 180-question post-course assessment with answer feedback
- Online interactive flash cards
- Glossary of terms
- 24x7x365 chat technical support, provided by ISC2
- Instructor email support, provided by ISC2
Official ISC2 Certificate of Completion
Course Completion Badge

Please note: The exam is not included in the course fee but can be purchased separately. Please contact us for a quote.

ISC2 may require up to ten days to issue the self-paced material after it has been purchased.

Can’t see the video above? Click here to open it in a new screen.

Request Course Information

What you’ll learn

Understand and apply fundamental concepts and methods related to the fields of information technology and security
Align overall organisational operational goals with security functions and implementations
Understand how to protect assets of the organisation as they go through their lifecycle
Understand the concepts, principles, structures, and standards used to design, implement, monitor, and secure operating systems, equipment, networks, applications, and those controls used to enforce various levels of confidentiality, integrity, and availability
Implement system security through the application of security design principles and the application of appropriate security control mitigations for vulnerabilities present in common information system types and architectures
Understand the importance of cryptography and the security services it can provide in today’s digital and information age
Understand the impact of physical security elements on information system security and apply secure design principles to evaluate or recommend appropriate physical security protections
Understand the elements that comprise communication and network security coupled with a thorough description of how the communication and network systems function
List the concepts and architecture that define the associated technology and implementation systems and protocols at Open Systems Interconnection (OSI) model layers 1-7
Identify standard terms for applying physical and logical access controls to environments related to their security practice
Appraise various access control models to meet business security requirements
Name primary methods for designing and validating test and audit strategies that support business requirements
Enhance and optimise an organisation’s operational function and capacity by applying and utilising appropriate security controls and countermeasures
Recognise risks to an organisation’s operational endeavours, and assess specific threats, vulnerabilities, and controls
Understand the System Lifecycle (SLC) and the Software Development Lifecycle (SDLC) and how to apply security to it, and identify which security control(s) are appropriate for the development environment, and assess the effectiveness of software security

ISC2 Official Training Partner - Preferred

ISC2 at Lumify Work

ISC2: The world’s leading cyber security and IT security professional organisation. Lumify Work is one of only a few select training providers in Australia with campuses in New Zealand and the Philippines. We offer official ISC2 courses and training materials.

View all ISC2 courses

Who is the course for?

This CISSP training in NZ is intended for professionals who have at least five years of recent full-time professional work experience in two or more of the eight domains of the CISSP CBK and are pursuing CISSP training and certification to acquire the credibility and mobility to advance within their current information security careers. This includes those working in positions such as, but not limited to:

Chief Information Security Officer
Chief Information Officer
Director of Security
IT Director/Manager
Security Systems Engineer
Security Analyst
Security Manager
Security Auditor
Security Architect
Security Consultant
Network Architect

Course subjects

This ISC2 CISSP self-paced training course provides in-depth coverage of the eight domains required to prepare for the CISSP exam. Refer to the CISSP Exam Outline for a deeper dive into the CISSP domains.

1. Security and Risk Management

Understand, adhere to, and promote professional ethics
Understand and apply security concepts
Evaluate and apply security governance principles
Understand legal and regulatory issues that pertain to information security in a holistic context
Understand requirements for investigation types (i.e., administrative, criminal, civil, regulatory, industry standards)
Develop, document, and implement security policy, standards, procedures, and guidelines
Identify, analyse, and prioritise Business Continuity (BC) requirements
Contribute to and enforce personnel security policies and procedures
Understand and apply risk management concepts
Understand and apply threat modeling concepts and methodologies
Apply Supply Chain Risk Management (SCRM) concepts
Establish and maintain a security awareness, education, and training program

2. Asset Security

Identify and classify information and assets
Establish information and asset handling requirements
Provision resources securely
Manage data lifecycle
Ensure appropriate asset retention (e.g., Eng-of-Life (EOL), End-of-Support (EOS))
Determine data security controls and compliance requirements

3. Security Architecture and Engineering

Research, implement and manage engineering processes using secure design principles
Understand the fundamental concepts of security models (e.g., Biba, Star Model, Bell-LaPadula)
Select controls based upon systems security requirements
Understand security capabilities of Information Systems (IS) (e.g., memory protection, Trusted Platform Module (TPM), encryption/decryption)
Assess and mitigate the vulnerabilities of security architectures, designs, and solution elements
Select and determine cryptographic solutions
Understand methods of cryptanalytic attacks
Apply security principles to site and facility design
Design site and facility security controls
Manage the information system lifecycle

4. Communication and Network Security

Apply secure design principles in network architectures
Secure network components
Implement secure communication channels according to design

5. Identity and Access Management (IAM)

Control physical and logical access to assets
Manage identification and authentication of people, devices, and services
Federated identity with a third-party service
Implement and manage authorisation mechanisms
Manage the identity and access provisioning lifecycle
Implement authentication systems

6. Security Assessment and Testing

Design and validate assessment, test, and audit strategies
Conduct security control testing
Collect security process data (e.g., technical and administrative)
Analyse test output and generate report
Conduct or facilitate security audits

7. Security Operations

Understand and comply with investigations
Conduct logging and monitoring activities
Perform Configuration Management (CM) (e.g., provisioning, baselining, automation)
Apply foundational security operations concepts
Apply resource protection
Conduct incident management
Operate and maintain detective and preventative measures
Implement and support patch and vulnerability management
Understand and participate in change management processes
Implement recovery strategies
Implement Disaster Recovery (DR) processes
Test Disaster Recovery Plans (DRP)
Participate in Business Continuity (BC) planning and exercises
Implement and manage physical security
Address personnel safety and security concerns

8. Software Development Security

Understand and integrate security in the Software Development Life Cycle (SDLC)
Identify and apply security controls in development environments
Assess the effectiveness of software security
Assess security impact of acquired software
Define and apply secure coding guidelines and standards

Prerequisites

For CISSP training, you should have a minimum of five years of experience working in IT Infrastructure and Cybersecurity.

CISSP certification requirements: Candidates for the CISSP certification exam must have a minimum of five years cumulative, paid work experience in two or more of the eight domains of the CISSP CBK.

A candidate who doesn’t have the required experience to become a CISSP may become an Associate of ISC2 by successfully passing the CISSP exam. An Associate of ISC2 can then accumulate the necessary work experience to achieve full certification.

Terms & Conditions

The supply of this course by Lumify Work is governed by the booking terms and conditions. Please read the terms and conditions carefully before enrolling in this course, as enrolment in the course is conditional on acceptance of these terms and conditions.

Request Course Information

Looking for more course options?

View all ISC2 courses View all Cyber Security courses View all IT Infrastructure and Networks courses